Posts

Protecting Your Parents from Identity Theft

According to statistics, those who are 50-years old and older, like 65-85, are often targets of identity thieves. The bad guys have no issue taking advantage of your parents. They violate their trust, and understand that they are often naïve about the internet and scammy phone callls. Cyber criminals also know that older people have retirement money and more savings, and this money is ready for them to take. Here are some of the common scams that the bad guys use:

Common Scams Against Older People

  • The bad guys might send them an email saying that they are from the IRS, CIA, FBI, or even a bank. The email says that there is a problem that needs the recipient’s attention. The scammers then ask for information like their Social Security numbers, bank account information, and more.
  • Another scam is to pull on their heart strings. In this case, the scammer calls the person and claims to be someone they know, like a grandchild, who needs money wired because it’s an emergency.
  • Scammers also try to take advantage of people by using their home’s information. If they can access the deed of a person’s home, they can use other information, like their bank account number and Social Security number and can refinance the home. Then, of course, they get all of that money and the person living there is none the wiser.
  • Crooks also focus on people in retirement homes. They get a job at these homes, and then manipulate the residents to give them personal information.
  • They seek out the lonely. If your parent is single because of divorce or death they are a target. Loneliness often trumps common sense. There’s a level of desperation that predators seek out.

Preventing Scams Against Your Parents

You probably want to do all that you can to prevent this from happening. Here are some methods you can use:

  • Become the main guardian over the personal information and financial accounts of your parent’s. This way, when your parent is contacted by a suspicious person, they must go through you to get any information. Even information like your mother’s maiden name might be used to commit identity theft down the road. Make sure your parents know that they shouldn’t ever share personal information and any and all requests for any money must go through you. No matter how persistent the person on the phone or via email is.
  • Don’t ever share personal or identifying info on a social media site. Criminals will target your parents in “Grandparents Scams” posing as their grand children in distress using social profiles as research.
  • Make sure your parents know to check their credit card and bank accounts quite often. You should also set up text or email alerts about their accounts.
  • Get your parents a shredder. All bank statements and any other sensitive information should be put through the shredder. Crooks love to go through trash to find old statements and other information that they can use.
  • If your parents use Wi-Fi, show them how to use a VPN. Hotspots are not protected and scammers use them often.
  • When writing an obituary, don’t use any details that a crook could use to steal an identify. Sadly, the bad guys use this information in terrible ways.
  • Explain the importance of email safety. Phishing is very common, and even if an email looks safe and legitimate, no one, including you or your parents, should click a link in an email.
  • Help your parents understand that there is a difference between http and https. Tell them that if a website has http, it is not secure, so they shouldn’t share personal information.
  • You can also help your parents opt out of any unnecessary offers. Go to the website com and sign up.
  • Work with your parents to freeze their credit.

Stay Aware of Scammers

Do not allow your parents to be a scammer’s next victims. You can easily prevent this, and most importantly, your parents won’t have to go through the stress of rebuilding their credit and recovering their identity. One of the most important things that you can do is to be aware of these scams.

Protect the Identity of Your Parents

All of us are vulnerable to identity theft, and we can’t protect ourselves 100% of the time. However, by doing things like signing up for identity theft protection or doing a credit freeze can help to keep us all safe.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Parents: do You know your Teen’s Social Media Platforms?

With all the apps out there that individualize communication preferences among teens, such as limiting “sharing,” parents should still hold their breath. Face it, parents: times have changed. It’s your duty to discuss these applications with your kids. And parents should also familiarize themselves with the so-called temporary apps.14D

  • Temporary messages do not vanish forever.
  • Are anonymous applications really anonymous?
  • How temporary is “temporary”?

Kik Messenger

  • Users can stay anonymous and conduct all sorts of communication.
  • Has perks, like seeing if someone read your message.
  • Has drawbacks, such as accidentally sending content to more people than the user intended.
  • Easy to end up communicating with anonymous strangers.
  • Involves ads disguised as communication.

Ask.fm

  • Kids anonymously ask questions, e.g., “How do I conceal my eating disorder from my parents?” This question is benign compared to others on the site, though many users are innocent teens just hanging out.
  • This kind of site, though, promotes cyberbullying.

Whisper

  • Intended for adults, this app is where you post what’s eating you.
  • Some posts are uplifting and inspirational, while others are examples of human depravity.
  • Replete with references to drugs, liquor and lewd behavior—mixed in with the innocent, often humorous content.

Yik Yak

  • For users wanting to exchange texts and images to nearby users—hence having a unique appeal to teens.
  • And it’s anonymous. Users have made anonymous threats of violence via Yik Yak.
  • Due to the bond of communicating with local users and the anonymity, this medium is steeped in nasty communication.
  • Threats of violence will grab the attention of law enforcement who can turn “anonymous” into “identified.”

Omegle

  • This anonymous chat forum is full of really bad language, sexual content, violence, etc.
  • The app’s objective is to pair teens up with strangers (creepy!).
  • Yes, assume that many users are adult men—and you know why.
  • Primarily for sexual chat and not for teens, but teens use it.

Line

  • Texting, sending videos, games, group chats and lots of other teeny features like thousands of emoticons.
  • The Hidden Chat feature allows users to set a self-destruct time of two seconds to a week for their messages.
  • For the most part it’s an innocent teen hub, but can snare teens into paying for some of the features.

Burn Note

  • Text messages are deleted after a set time period.
  • Texts appear one word at a time.
  • Burn Note can promote cyberbullying—for obvious reasons.

Snapchat

  • Users put a time limit on imagery content before it’s erased. So you can imagine what some of the imagery might be.
  • And images aren’t truly deleted, e.g., Snapsaved (unrelated to Snapchat) can dig up any Snapchatted image, or, the recipient can screenshot that nude image of your teen daughter—immortalizing it.

REPEAT: Face it, parents: times have changed. It’s your duty to discuss these applications with your kids. And parents should also familiarize themselves with the so-called temporary apps.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Identity Theft of the Dead affects the Living

You don’t have to be living to have your identity stolen. Every year in America there’s 2.5 million cases of ID theft involving the deceased. And while your first reaction might be “So what, I’ll be dead and I won’t care”, you need to keep in mind that identity theft of the dead often significantly affects the living. How can this be prevented or at least, minimized?

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Shut Down Social Media

Though it’s hard to do, closing down the decedent’s Facebook page will contribute to preventing ID theft.

Contact the Social Security Administration

This agency has a “death master file” of the SS numbers of deceased people that should be rendered inactive. This way a thief can’t use the number. Don’t wait for a funeral director to do this (though that’s their job); do it yourself for faster results.

Obits

When composing an obituary, people should post very little information. Crooks actually read these in search of a possible ID theft victim. The information to leave out includes names of survivors, complete addresses and professional history.

Receiving Bills

If a decedent’s identity has been hijacked, a survivor may begin receiving bills in that person’s name…and eventually, calls from collection agencies. “The problem isn’t so much financial — it’s emotional,” says Maria Cordeiro with the Chubb Group of Insurance Companies in an article from business-news.thestreet.com. You may have to be dragged through the pain of proving that your deceased loved-one is, in fact, no longer around.

How do you fix this problem?

  • Get all the needed documentation together, because you’ll need to send it out to any entity that requires it for proof.
  • Obtain a credit report prior to the person’s death. Of course, this works in cases of a diagnosed terminal condition versus accident. Once you have the person’s credit report, then six months after death, obtain another for comparison, says Cordeiro. The decedent’s name and SSN, six months later, should be in the death master file.
  • Do some credit monitoring. This is easier than obtaining a credit report for someone who’s dead.
  • Do a credit freeze. For a small fee, the credit report gets frozen shut, preventing a thief from opening a new account.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

15 Small-Business Social Network Nightmares

You may think you’ve guarded your company, but are your social media outlets unprotected? Look at these 15 potential weaknesses in your defense.

11DCan you think of five social network nightmares you hope never happen to your business? How about 10?

Well, I can top that, because there are at least 15 social network mishaps that can haunt a business owner. Here’s a closer look at 15 types of trouble you can encounter on Facebook, Twitter and other popular social media platforms. Once you’re aware of all these potential dangers, you should take the necessary steps to prevent them from damaging your company.

1. Posting about illegal or questionable activities. Can you think of an illegal activity your employees might engage in that could get your company into trouble if they posted it on Facebook? How about underage drinking? If you employ teens under the age of 18 and any of them posted a photo of themselves drinking at your place of business, you could be in trouble with the law. And even if all your employees are adults, they can still post something unflattering (though not illegal) that could smear your reputation.

2. Account hijacking. Remember when the Dow dropped 150 points last April after someone hacked the Associated Press’ Twitter account and sent out a tweet that fraudulently claimed the White House had been attacked and President Obama had been injured? Don’t shrug it off—account hijacking can happen closer to home. Fraudsters may send your employees Twitter messages on their workplace computers that are designed to fake the recipients into thinking they’re receiving authentic messages when, in fact, the fraudster’s motive is to get money or sensitive data.

3. Bullying on Facebook. Bullying doesn’t just happen among kids; workplace bullying also exists, and what better place than on social media? Sometimes employees who manage a company’s social media get frustrated with the public’s comments and fight back with below-the-belt comments.

4. Online reputation management. Make sure you and your employees never post anything on Facebook that you wouldn’t show your grandmother or wouldn’t want going viral and damaging your brand.

5. Social media identity theft. Ever considered the possibility that someone could take your business’s name and use it for nefarious purposes? Someone could crack your password, take over an account and cause a trail of destruction. Or they could create a new account using your business’s name and post all sorts of alarming, but false, things about your company. Make sure your business name is protected by constantly navigating the Web, seeking out spoofed sites and your likeness or logo.

6. Financial identity theft. Does your company’s Facebook page include personal information about employees, such as the names of their pets or children? What about their birthdays? Hackers can take this information and use it to crack passwords to online business accounts. Be sure to use privacy settings, and make sure your company’s Facebook page isn’t full of personal details.

7. Burglaries. Never post information about vacation or travel dates on your social pages. Do you want the whole world (which includes crafty burglars) to know when you’ll be away?

8. Geo-stalking. Don’t use location-based GPS technology unless you absolutely need to (for instance, if you and your employees are on a “team building” trek in the wilderness and get lost). While search-and-rescue teams need to find you, stalkers who want your identity do not.

9. Corporate spying. Yes, it’s possible: A crook could pose as one of your employees, set up a Facebook group and invite all your employees to join. This enables the bad guy to gather sensitive data from your business and use it against you.

10. Harassment. Someone who’s disgruntled could stalk your brand and make false accusations. They could set up blogs and social sites, post videos and continually tweet their angry thoughts.

11. Government spying. It’s 10 p.m.: Do you know who it is you just friended on your Facebook page? The Associated Press says, “U.S. law enforcement agents are following the rest of the Internet world into popular social networking services, going undercover with false online profiles to communicate with suspects. Just don’t be a ‘suspect.’”

12. Sex offenders. Sex offenders have been known to pose as someone other than themselves—younger, a different sex, etc.—so they can gain the trust of their victims. You might connect with them online as a business only to discover down the road that they’re a predator.

13. Scams. A bad guy could set up a phony Facebook page and then create phony contests to slurp sensitive customer data such as names, addresses, emails, phones, account numbers and credit card numbers.

14. Legal liabilities. Privacy settings on Facebook can hide posts, but that doesn’t matter to a judge in New York who recently ruled that items posted on Facebook (as well as other social networking sites) can be used as evidence in court—even if the posts were concealed by the privacy settings.

15. Zero privacy. And speaking of privacy, don’t assume you actually have any, because thieves have already figured out how to yank data from the innards of Facebook that’s supposedly just for you and your closest colleagues to see. So be very careful what you put up on Facebook, privacy settings or not.

Robert Siciliano is the author of four books, including The 99 Things You Wish You Knew Before Your Identity Was Stolen. He is also a corporate media consultant and speaker on personal security and identity theft. Find out more at www.RobertSiciliano.com.

Twitter Scam Hooks Thousands

Twitter’s numbers are astounding. In the physical world, when communities become larger and more densely populated, crime rises. The same applies to online communities.

CNET broke down Twitter’s recent blog post, which celebrates their significant numbers: “It took three years, two months, and one day for Twitter to hit 1 billion tweets; now, a billion tweets are posted in the course of a week. An average of 460,000 new accounts were created per day over the past month, and an average of 140 million tweets were posted per day. Twitter now has 400 employees, 50 of whom have been hired since January.”

Spammers, scammers, and thieves are paying attention.

Techland reports, “At least 10,000 Twitter users fell for a scam that spread like wildfire across the social networking site early today. Quick action by link shortening service bit.ly – as well as thousands of people retweeting warnings – brought the scam attack under control in a few hours.”

Common Twitter scams include:

Hijacked Accounts: Numerous Twitter accounts have been hacked, including those of President Obama and, recently, Ashton Kutcher. Kutcher’s account was most likely “Firesheeped,” which can occur when a wireless device is used to access an unsecured site.


Social Media Identity Theft: Hundreds of imposter accounts are set up every day. Sarah Palin, St. Louis Cardinals coach Tony LaRussa, Kanye West, The Huffington Post, and many others have been impersonated by fake Twitter accounts opened in their names.

Worms: Twitter has been plagued by worms, which spread messages encouraging users to click malicious links. When one user clicks, his account is infected and used to further spread the message. Soon his followers and then their followers are all infected.

Phishing: Hacked Twitter accounts are used to send phishing messages, which instruct users to click links that point to spoofed sites, where users will be prompted to enter login credentials, putting themselves at risk of identity theft.

Social media sites could go a long way in protecting their users by incorporating device reputation management. Rather than accepting information provided by an anonymous user, device reputation allows social sites to leverage knowledge about a device’s history—which could include spam, phishing attempts, predatory behavior, profile misrepresentation and even credit card fraud.  Device reputation alerts businesses to suspicious behavior exhibited while bad actors are on their websites, uncovers the device’s true location, and exposes hidden relationships to other high-risk accounts and devices.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses social media hacking on Fox Boston. (Disclosures)

10 Types of Criminal Social Media Impersonators

Social media is the fifth form of mainstream media. At this point, most people know how to use social media, and how to navigate the various websites. But what most users don’t yet realize is how social media can be used against them.

Social media identity theft occurs for a number of reasons.

1.    An online impersonator may attempt to steal your clients or potential clients.

2.    Impersonators may squat on your name or brand, hoping to profit by selling it back to you or preventing you from using it.

3.    Impersonators who pose as legitimate individuals or businesses can post infected links that will infect the victim’s PC or network with a virus that gives hackers backdoor access.

4.    Impersonators sell products or services and offer deals with links to spoofed websites in order to extract credit card numbers.

5.    An impersonator poses as you, and even blogs as you, in order to damage your name or brand. Anything the impersonator writes that is libelous, defamatory, or just plain wrong hurts your reputation and can even make you the target of a lawsuit.

6.    Impersonators harass you or someone you know, perhaps as revenge over a perceived slight.

7.    An impersonator steals a name or brand that has leverage, such as an employee, celebrity, or Fortune 500 company, as a form of social engineering, in order to obtain privileged access.

8.    An impersonator may be obsessed with you or your brand and simply wants to be associated with you.

9. An impersonator might parody you or your brand by creating a tongue-in-cheek website that might be funny and obviously spoofed, but will most likely not be funny to you.

10. An impersonator poses as an attractive woman or man interested in a relationship in order to persuade potential victims to send naked photos, which can then be used for extortion.

Social media sites could go a long way in protecting their users by incorporating device reputation management.  Rather than looking at the information provided by the user (which in this case could be an impersonator), go deeper to identify the computer being used so that negative behaviors are exposed early and access to threatening accounts are denied before your business reputation is damaged and your users abused.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses social media Facebook scammers on CNN. Disclosures.

Twitter Crime on the Rise

Twitter is now beginning to see a substantial rise in active users. A recent report found that the percentage of Twitter users who have tweeted ten or more times, have more than ten followers, and follow more than ten people rose from 21% to 29% in the first half of 2010.

Spammers, scammers, and thieves are paying attention.

In the physical world, when communities become larger and more densely populated, crime rises. This also applies to online communities, like Twitter and Facebook.

Twitter’s “direct messages” and “mention” functions are laden with spam, often prompting users to click various links. Why anyone would want me to “Take a Good Look at Hypnotherapy” is beyond me, but someone must be buying because the spam keeps coming.

Common Twitter scams include:

Hijacked Accounts: Numerous Twitter (and Facebook) accounts, including those of President Obama, Britney Spears, Fox News and others have been taken over and used to ridicule, harass, or commit fraud.

Social Media Identity Theft: Hundreds of imposter accounts are set up every day. Sarah Palin, St. Louis Cardinals Coach Tony LaRussa, Kanye West, The Huffington Post, and many others have been impersonated by fake Twitter accounts opened in their names.

Worms: Twitter is sometimes plagued by worms, which spread messages encouraging users to click malicious links. When one user clicks, his account is infected and used to further spread the message. Soon his followers and then their followers are all infected.

DOS Attack: A denial-of-service attack left Twitter dark for more than three hours. The attack seems to have been coordinated by Russian hackers targeting a blogger in the Eastern European country of Georgia.

Botnet Controller: One Twitter account produced links pointed to commands to download code that would make users’ computers part of a botnet.

Phishing: Hacked Twitter accounts are used to send phishing messages, which instruct users to click links that point to spoofed sites, where users will be prompted to enter login credentials, putting themselves at risk of identity theft.

Twitter Porn: Please, “Misty Buttons,” stop sending me invites to chat or to check out your pictures.

Twitter Spam: The use of shortened URLs has made Twitter’s 140 character limit the perfect launch pad for spam, shilling diet pills, Viagra and whatever else you don’t need.

To prevent social media identity theft, take ownership of your name or personal brand on Twitter. Protecting yourself from other scams requires some savvy and an unwillingness to click mysterious links. In other cases, you’ll need to keep your web browser and operating system updated in order to remain safe. Make sure to keep your antivirus software updated with the latest definitions, as well.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses hacking wireless networks on Fox Boston. (Disclosures)